I am about to update our application to API v2 and had a few questions.
1) Our application makes use of the activityType=SV_ADD parameter, used for POST calls in API v1 to add a list of emails. I checked around on the net, and could not find a replacement for this. We like this method and would like to keep it; is there any support for it in API v2? Is it just that the request URI has to be changed? Example:
if (newSubscriberEmails.Count > 0) RESTHelper.POST(AuthHelper.ApiUsername, AuthHelper.ApiPassword, null,
+ "&data=" + newSubscriberEmails
2) I believe our application uses basic authentication - api key, username and password. I heard that basic auth will be deprecated in the future. How far away are we from that? Does it mean basic authentication calls won't work at all at some point?
3) Related to #2, it seems like OAuth 2.0 is the accepted way of authenticating request calls, but I am still a bit confused by it. Many of the articles and posts I'm reading talk about it being for websites and users that want to access a website. What I'm running is a console application that is not run by any outside user, only me; do I still need OAuth 2.0?
4) Is there any way to do a bulk opt-out of contacts in one request call? We've been using a foreach and running a DELETE on each email in the list, however with the new request call limits, this could cause problems down the road. We rarely do this but I'm asking just in case.
Hopefully the following answers will help out :)
1. Version 2 of the API is REST based, meaning it uses HTTP Action Verbs to determine what type of action is being performed. In REST, POST is used to create a new record, PUT to update, GET to retrieve, and DELETE to delete a record. PATCH can also be used on some endpoints to do a partial update.
To do a bulk insert of contacts you can use our Bulk Add Contact endpoint, with documentation found here: http://developer.constantcontact.com/docs/bulk_activities_api/bulk-activities-add-contacts.html
Or do insert a single contact, you can use the endpoint. You can documentation for this endpoint at: http://developer.constantcontact.com/docs/contacts-api/contacts-collection.html?method=POST
2. OAuth2 is a much more secure method of transmitting data as it generates an access token that can be revoked at anytime, and prevents the need to store the username/ password of the Constant Contact account so that in the event of an application being breached, the hacker would still not be able to access billing and other personal information. With that said, while V1 of the API is deprecated, I don't think there are any immediate plans to do away with it- but we will not be adding any new functionality, only maintaining critical bugs. For that reason, as well as for security purposes I would highly recommend moving to the ACCESS_TOKEN or OAuth2 method.
3. OAuth can be a little confusing because it can be used multiple ways. For example, when you click on a site that says "Login with Facebook" and the Facebook login screen pops up, that is OAuth. But what is truly the OAuth part about this is that when they login an access token is generated making certain information accessible to the site... they are never given your login credentials. This is the same way our login system works, only it can also be done directly through the API (so your users never have to see a login screen).
You can find information about migrating from basic to OAuth here: http://developer.constantcontact.com/docs/authentication/basic-to-oauth2-migration.html
4. Yes, you can do a bulk removal of contacts from lists using our removefromlists endpoint. Documentation for this can be found here: http://developer.constantcontact.com/docs/bulk_activities_api/bulks-activities-remove-contacts-api.h...
Hopefully that helps out, and if not feel free to send me a private message with your email and I can work with you personally to get things working :)
Have a great day,